
audit-integrity
✓ Official★ 36,200by github · part of github/awesome-copilot
Shared audit integrity framework for all AppSec agents — enforces output quality, intellectual honesty, and continuous improvement through anti-rationalization…
Shared audit integrity framework for all AppSec agents — enforces output quality, intellectual honesty, and continuous improvement through anti-rationalization…
Inspect the full instructions your agent will receiveExpandCollapse
This is the exact playbook injected into your agent when the skill activates — shown here so you can audit it before installing. You don't need to read it to use the skill.
by github
Shared audit integrity framework for all AppSec agents — enforces output quality, intellectual honesty, and continuous improvement through anti-rationalization…
npx skills add https://github.com/github/awesome-copilot --skill audit-integrity
Download ZIPGitHub36.2k
Audit Integrity Skill
Enforces output quality, intellectual honesty, and continuous improvement across all AppSec agents.
When to Use
-
Every security analysis, code review, threat model, or quality scan agent run
-
Applied automatically as a post-analysis quality gate
-
Applicable to any agent performing SAST, SCA, threat modeling, or code quality analysis
Components
This skill provides 7 reusable capabilities. Agents apply all 7 unless their scope excludes a specific component.
Component Reference File Purpose Clarification Protocol clarification-protocol.md Ask ≤2 targeted questions before analysis when scope is ambiguous Anti-Rationalization Guard anti-rationalization-guard.md Table of prohibited rationalizations with mandatory responses Self-Critique Loop self-critique-loop.md Mandatory second-pass review after initial analysis Retry Protocol retry-protocol.md Tool failure handling — retry once, then document Non-Negotiable Behaviors non-negotiable-behaviors.md Hard rules: never fabricate, always cite evidence, report gaps Self-Reflection Quality Gate self-reflection-quality-gate.md 1–10 scoring rubric with ≥8 threshold per category Self-Learning System self-learning-system.md Lesson/Memory templates and governance rules
Execution Flow
-
Before analysis: Apply Clarification Protocol if scope is ambiguous
-
During analysis: Apply Anti-Rationalization Guard at every decision point
-
After initial pass: Execute Self-Critique Loop (mandatory second pass)
-
On tool failure: Apply Retry Protocol
-
Before delivery: Run Self-Reflection Quality Gate (all categories must score ≥8)
-
After delivery: Create Lessons/Memories for novel findings, false positives, or methodology gaps (see Self-Learning System)
Agent-Specific Adaptation
Each agent customizes the Self-Critique Loop checklist and Self-Reflection Quality Gate categories to match its domain. The reference files provide the base templates; agents extend them with domain-specific items.
Example extensions per agent type
-
SAST/SCA agents: Add taint trace completeness and manifest coverage checks
-
SonarQube-style agents: Add rating sanity check (A–E consistency with findings)
-
Threat modeling agents: Add STRIDE category completeness per trust boundary
-
Code review agents: Add trust boundary audit with data flow tracing
npx skills add https://github.com/github/awesome-copilot --skill audit-integrityRun this in your project — your agent picks the skill up automatically.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.